We are not fish and advertising is not food

January 23, 2014

Doc Searls

Advertising, Featured Post, Intention Economy, Issues, Privacy, VRM

This is how the Internet looks to the online advertising business today:

2manyfish

This is how they approach it:

fishfeeding

And this is the result:

fishfeeding_mess

Advertising is a huge source of the “data pollution” Fred Wilson talked about at LeWeb a few weeks ago. (See here, starting at about 23 minutes in.)

What’s wrong with this view, and this approach, is the architectural assumption that:

We are consumers and nothing more. Fish in a bowl.
The Net — and the Web especially — is a container.
Advertisers have a right to target us in that container. And to track us so we can be targeted.
Negative externalities, such as data pollution, don’t matter.
This can all be rationalized as an economic necessity.

Yet here is what remains true, regardless of the prevailing assumptions of the marketing world:

We are not fish. Rather, as Cluetrain put it (in 1999!), we are not seats or eyeballs or end users or consumers. we are human beings and our reach exceeds your grasp. deal with it.
The Net was designed as a wide open space where all the intelligence that matters is at its ends, and each of us sits (stands, walks, drives) at one.
Even if advertisers have a legal right to target us, their manners are terrible and doomed for correction.
Negative externalities matter. A lot. As Fred said in his talk, we eventually dealt with the pollution caused by industry, and we’ll deal with it in the virutal world as well.
The larger economic necessity is for a well-functioning marketplace. We’ll get that online once free customers prove more valuable than captive ones.

The key is to replicate online the experience of operating as a free and independent customer in the physical world.

For example, when you go into a store, your default state is anonymity. Unless you are already known by name to the people at the store, you are nameless by default. This is a civic grace. There is no need to know everybody by name, and to do so might actually slow things down and make the world strange and creepy. (Ask anybody who has lived in a surveillance state, such as East Germany before it fell, what it is like to be followed, or to know you might be followed, all the time.) We haven’t yet invented ways to be anonymous online, or to control one’s anonymity. But that’s a challenge, isn’t it? Meaning it is also a market opportunity.

We’ve lived in a fishbowl long enough. Time to get human. I guarantee there’s a lot more money coming from human beings than from fish whose only utterances are clicks.

Data Privacy Legal Hack-A-thon

January 23, 2014

Mary Hodder

Events, Featured Post, Personal, Privacy, Tools, ToS, Uncategorized, VRM

Customer Commons is supporting, and board member, Mary Hodder, is hosting the Bay Area event. Additionally, there are NYC and London locations. Please join us if you are interested:

Data Privacy Legal Hackathon 2014

This is an unprecedented year documenting our loss of Privacy. Never before have we needed to stand up and team up to do something about it. In honour of Privacy Day, the Legal Hackers are leading the charge to do something about it, inspiring a two-day international Data Privacy Legal Hackathon. This is no ordinary event. Instead of talking about creating privacy tools in theory, the Data Privacy Legal Hackathon is about action! A call to action for tech & legal innovators who want to make a difference!

We are happy to announce a Data Privacy Legal Hackathon and invite the Kantara Community to get involved and participate. We are involved in not only hosting a Pre-Hackathon Project to create a Legal Map for consent laws across jurisdictions, but the CISWG will also be posting a project for the Consent Receipt Scenario that is posted in on the ISWG wiki.

The intention is to hack Open Notice with a Common Legal Map to create consent receipts that enable ‘customisers’ to control personal information If you would like to get involved in the hackathon, show your support, or help build the consent receipt infrastructure please get involved right away — you can get intouch with Mark (dot) Lizar (at)gmail (dot) com, Hodder (at) gmail (dot) com, or join the group pages that are in links below.

Across three locations on February 8th & 9th, 2014, get your Eventbrite Tickets Here:

* New York City * London, UK * San Francisco *

http://legalhackers.org/privacyhack2014/

This two-day event aims to mix the tech and legal scenes with people and companies that want to champion personal data privacy. Connecting entrepreneurs, developers, product makers, legal scholars, lawyers, and investors.

Each location will host a two-day “judged” hacking competition with a prize awarding finale, followed by an after-party to celebrate the event.

The Main Themes to The Hackathon Are:

Crossing the Pond Hack
Do Not Track Hack
Surveillance & Anti-Surveillance
Transparency Hacks
Privacy Policy Hack
Revenge Porn Hack

Prizes will be awarded:

1st Prize: $1,000
2nd Prize: $500
3rd Prize: $250

There are pre-hackathon projects and activities. Join the Hackerleague to participate in these efforts and list your hack:

A Consent Legal Map & Schema Project to create a legal map of the consent laws as a legal hackers tool for the event and projects posted at the event (many volunteers needed)
Brainstorming List of Hacks – Add your ideas
Share Tech and Links Page – Share your Knowledge
Hacks (Project) Page – Propose or Join a project
IRC Channel for Discussion

Sponsorship Is Available & Needed

Any organization or company seeking to show active support for data privacy and privacy technologies is invited to get involved.

Sponsor: prizes, food and event costs by becoming a Platinum, Gold or Silver Sponsor
Participate: at the event by leading or joining a hack project
Mentor: projects or topics that arise for teams, and share your expertise.

Contact NYC sponsorship: Phil Weiss email or @philwdjjd

Contact Bay Area sponsorship: Mary Hodder – Hodder (at) gmail (dot) com – Phone: 510 701 1975

Contact London sponsorship: Mark Lizar – Mark (dot) Lizar (at)gmail (dot) com – Phone: +44 02081237426 – @smarthart

Omie Update (version 0.2)

October 23, 2013

Iain Henderson

C2B, Developments, Intentcasting, Omie, Privacy, Tools, VRM

We’re overdue an update on the Omie Project…., so here goes.

To re-cap:

We at Customer Commons believe there is room/ need for a device that sits firmly on the side of the individual when it comes to their role as a customer or potential customer.
That can and will mean many things and iterations over time, but for now we’re focusing on getting a simple prototype up and running using existing freely available components that don’t lock us in to any specific avenues downstream.
Our role is demonstrate the art of the possible, catalyse the development project, and act to define what it means to ‘sit firmly on the side of the customer’.
For now, we’ve been working away behind the scenes, and now have a working prototype (Omie 0.2). But before getting into that, we should cover off the main questions that have come up around Omie since we first kicked off the project.

What defines an Omie?

At this stage we don’t propose to have a tight definition as the project could evolve in many directions; so our high level definition is that an Omie is ‘any physical device that Customer Commons licenses to use the name, and which therefore conforms to the ‘customer side’ requirements of Customer Commons.

Version 1.0 will be a ‘Customer Commons Omie’ branded white label Android tablet with specific modifications to the OS, an onboard Personal Cloud with related sync options, and a series of VRM/ Customer-related apps that leverage that Personal Cloud.

All components, wherever possible, will be open source and either built on open specs/ standards, or have created new ones. Our intention is not that Customer Commons becomes a hardware manufacturer and retailer; we see our role as being to catalyse a market in devices that enable people in their role of ‘customer’, and generate the win-wins that we believe this will produce. Anyone can then build an Omie, to the open specs and trust mechanisms.

What kind of apps can this first version run?

We see version 1 having 8 to 10 in-built apps that tackle different aspects of being a customer. The defining feature of all of these apps is that they all use the same Personal Cloud to underpin their data requirements rather than create their own internal database.

Beyond those initial apps, we have a long list of apps whose primary characteristic is that they could only run on a device over which the owner had full and transparent control.

We also envisage an Omie owner being able to load up any other technically compatible app to the device, subject to health warnings being presented around any areas that could breach the customer-side nature of the device.

How will this interact with my personal cloud?

As noted above, we will have one non-branded Personal Cloud in place to enable the prototyping work (on device and ‘in the cloud’), but we wish to work with existing or new Personal Cloud providers wishing to engage with the project to enable an Omie owner to sync their data to their branded Personal Clouds.

Where are we now with development?

We now have a version 0.2 prototype, some pics and details are below. We intend, at some point to run a Kickstarter or similar campaign to raise the funds required to bring a version 1.0 to market. As the project largely uses off the shelf components we see the amount required being around $300k. Meantime, the core team will keep nudging things forward.

How can I get involved?

We are aiming for a more public development path from version 0.3. We’re hoping to get the Omie web site up and running in the next few weeks, and will post details there.

Alternatively, if you want to speed things along, please donate to Customer Commons.

VERSION 0.2

Below are a few pics from our 0.2 prototype.

Home Screen – Showing a secure OS, a working, local Personal Cloud syncing to ‘the cloud’ for many and varied wider uses. This one shows the VRM related apps, there is another set of apps underway around Quantified Self.

My Suppliers – Just as a CRM system begins with a list of customers, a VRM device will encompass a list of ‘my suppliers’ (and ‘my stuff’).

My Transactions – Another critical component, building my transaction history on my side.

Intent Casting/ Stroller for Twins – Building out Doc’s classic use case, real time, locally expressed intention to buy made available as a standard stream of permissioned data. Right now there are about 50 online sellers ‘listening’ for these intent casts, able to respond, and doing business; and 3 CRM systems.

So what have we learned in the build of version 0.2?

Firstly, that it feels really good to have a highly functional, local place for storing and using rich, deep personal information that is not dependent on anyone else or any service provider, and has no parts of it that are not substitutable.

Secondly, that without minimising the technical steps to take, the project is more about data management than anything else, and that we need to encourage a ‘race to the top’ in which organisations they deal with can make it easy for customers to move data backwards and forwards between the parties. Right now many organisations are stuck in a negative and defensive mind-set around receiving volunteered information from individuals, and very few are returning data to customers in modern, re-usable formats through automated means.

Lastly that the types of apps that emerge in this very different personal data eco-system are genuinely new functions not enabled by the current eco-system, and not just substitutes for those there already. For example, the ‘smart shopping cart’ in which a customer takes their requirements and preferences with them around the web is perfectly feasible when the device genuinely lives on the side of the customer.

Surf safely with Web Pal

October 22, 2013

Doc Searls

Developments, Featured Post, Privacy, Tools

It’s time to draw the line on surveillance.

Today nearly every commercial website infects our browsers with tracking files that report our activities back to parties we may not know or trust.

So we’re providing a way to draw that line: Web Pal — a browser extension that blocks tracking and advertising*, eliminating the browser slowdowns caused by both.

Download the Web Pal here, from the Chrome Web Store
And click on the donate button to support our work.

Web Pal was developed for Customer Commons by Emmett Global, which provides privacy solutions to nonprofits. It combines Adblock Plus and Tampermonkey — two open source code bases — in one simple install that requires no additional work or maintenance. It also gives you a Customer Commons start page, which carries updates of news about surveillance and other topics of interest to Customer Commons members.

Here’s a video explaining the Web Pal:

We offer the Web Pal on Chrome. This gives you one safe browser with maximized protection, and the opportunity both to try out other protection systems on other browsers and to compare performance. Here is a list of those systems, from ProjectVRM at Harvard’s Berkman Center for Internet and Society:

Abine † Do Not Track Me, DeleteMe, MaskMe PrivacyWatch: privacy-protecting browser extensions and services

AdBlock Plus Ad and tracking blocking.

Emmett † “An easy to install browser plugin that protects your privacy online”

Collusion Firefox add-on for viewing third parties tracking your movements

Disconnect.me † browser extentions to stop unwanted tracking, control data sharing

Ghostery † browser extension for tracking and controlling the trackers

Privacyfix † “One dashboard for your Facebook®, LinkedIn®, and Google® privacy. Blocks over 1200 trackers.”

PrivacyScore † browser extensions and services to users and site builders for keeping track of trackers

Privowny † – “Your personal data coach. Protect your identity/privacy. Track what the Internet knows about you.”

Note that these are maintained on a wiki and subject to change. In fact, we invite Customer Commons members to participate in ProjectVRM, and help drive development of these and other tools.

And, of course, we welcome feedback and suggestions for improving the Web Pal. And we encourage everybody to support development of all tools and services that make customers liberated, powerful and respected in the open marketplace.

* What Adblock Plus calls acceptable ads are passed through by default, but you can change it to block all ads. Just go to Chrome’s Windows menu and click down through Extensions / Emmett Web Pal / Options / Adblock Plus / Filter List. Then uncheck “Allow some non-intrusive advertising”.

Customer Commons Research: 92% of People Engage in Some Strategy to Hide Personal Data

May 8, 2013

Mary Hodder

Events, Featured Post, Privacy, Research

We launched our first research paper today: Lying and Hiding in the Name of Privacy (PDF here) by Mary Hodder and Elizabeth Churchill.

Our data supporting the paper is here: Addendum Q&A and shortly we’ll upload a .xls of the data for those who want to do a deep dive into the results.

We all know that many people hide or submit incorrect data, click away from sites or refuse to install an app on a phone. We’ve all mostly done it. But how many? How much is this happening?

We’re at IIW today and of course, the age old dilemma is happening in sessions where one guy in the room says: “People will click through anything; they don’t care about privacy.” And the next guy will say, “People are angry and frustrated and they don’t like what’s happening.” But what’s real? What’s right?

We conducted this survey to get a baseline about what people do now as they engage in strategies to create privacy for themselves, to try to control their personal data.

The amazing thing is.. 92 % hide, lie, refuse to install or click, some of the time. We surveyed 1704 people, and had an astonishing 95% completion rate for this survey. We also had 35% of these people writing comments in the “comment more” boxes at the bottom of the multiple choice answers. Also astonishingly high.

People expressed anger, cynicism, frustration. And they said overwhelmingly that the sites and services that ask for data DON’T NEED it. Unless they have to get something shipped from a seller. But people don’t believe the sites. There is distrust. The services have failed to enroll the people they want using their services that something necessary is happening, and the people who use the services are mad.

We know the numbers are high, and that it’s likely due to many not having a way to give feedback on this topic. So when we offered the survey, people did vent.

But we think it also indicates the need for qualitative and quantitative research on what is true now for people online. We want more nuanced information about what people believe, and how we might fix this problem. Many sites only look at user logs to figure out what is happening on a site or with an app, and therefore, they miss this problem and the user feelings behind them. We want to see this studied much more seriously so that people no longer make the conflicting statements at conferences, so that developers say the user’s don’t care, so that business models are developed that think different than we do now, where sites and services just take personal data. We want to get beyond the dispute over whether people care, to real solutions that involve customers and individuals in ways that respect them and their desires when they interact with companies.

Lying and Hiding in the Name of Privacy

May 8, 2013

Mary Hodder

Events, Privacy, Research

Authors: Mary Hodder and Elizabeth Churchill

Creative Commons licenced: by-nc-nd

©Customer Commons, 2013

Contact: Mary Hodder, [email protected]

Abstract

A large percentage of individuals employ artful dodges to avoid giving out requested personal information online when they believe at least some of that information is not required. These dodges include hiding personal details, intentionally submitting incorrect data, clicking away from sites or refusing to install phone applications. This suggests most people do not want to reveal more than they have to when all they want is to download apps, watch videos, shop or participate in social networking.

Keywords: privacy, personal data, control, invasion, convergence

Download a PDF of the paper here.

Survey

Customer Commons’ purpose in conducting this research is to understand more fully the ways in which people manage their online identities and personal information. This survey, the first of a planned series of research efforts, explores self-reported behavior around disclosure of personal information to sites and services requesting that information online. We believe the results of this survey offer a useful starting point for a deeper conversation about the behaviors and concerns of individuals seeking to protect their privacy. Subsequent research will explore how people feel and behave toward online tracking.

This research is also intended to inform the development of software tools that give individuals ways to monitor and control the flow and use of personal data.

For this research project, Customer Commons in late 2012 surveyed a randomized group of 1,704 individuals within the United States (1,689 finished the survey, or 95%). Respondents were geographically distributed, aged 18 and up (see the appendix for specifics), and obtained through SurveyMonkey.com. The margin of error was 2.5%.

Respondents gave checkbox answers to questions and in some cases added remarks in a text box. (Survey questions and answers are in an addendum to this paper.)

Key Findings

Protecting personal data

This survey focused on the methods people use to restrict disclosure of requested personal information. Those methods include withholding, obscuring or falsifying the requested information.

Only 8.45% of respondents reported that they always accurately disclose personal information that is requested of them. The remaining 91.55% reported that they are less than fully disclosing. If they decide the site doesn’t need personal information such as names, birthdates, phone numbers, or zip codes, they leave blank answers, submit intentionally incorrect information, click away from the site, or — in the case of mobile applications, decline to install.

Most people withhold at least some personal data. Specifically,

75.7% of respondents avoid giving their mobile numbers
74.8% avoid “social” login shortcuts such as those provided by Facebook or Twitter
73.4% avoided giving sites or services access to a friend or contact list.
58.3% don’t provide a primary email address
49.3% don’t provide a real identity

The concept of trust was raised in 22% of the written responses explaining why people hide their information. Some examples include:

“I cannot trust a random website”
“I do not want spam and do not want to expose others to spam. I also don’t know how that information could be used or if the people running the site are trustworthy.”
“If I know why info is needed then I might provide, otherwise no way”
“I felt the need to cover my I.D. a little bit — like age and gender. And I still withhold my social security #.”
“If I feel they don’t need it to provide a service to me they don’t get it even if I have to enter in fake info”
“Worries on identity theft and general privacy.”
“i would never give out my friends or and familys (sic) info ever”

Many respondents said sites and services request more data than required. Others suggested that providing requested information would result in an increased risk to their security. More results:

When the 71% of respondents who reported withholding information were asked why, they said they didn’t believe the sites needed the information. Specifically,
- 68% reported they either didn’t know the site well when they withheld their data or didn’t trust the site.
- 45% of those who felt they knew the site or service well still withheld information.

Respondents lied about various line items as a strategy to protect their privacy. For example, 34.2% intentionally provided an incorrect phone number, and 13.8% provided incorrect employment information. Here are some reasons they gave:

“I didn’t want them to have all my information, or feel it was necessary.”
“I have obscured various information so that I would not have further contact with a vendor who won’t leave me alone”
“Faking it is the best to avoid unwanted contact”
“Sometimes you just want to use a service without them knowing every thing about you.”
“I don’t like websites to have very much information on me. I regularly give out spam email addresses, bad birthday dates, and bad location information.”
“Registering for many mundane website often requires some pretty detailed personal info. I generally fudge this. None of their business”
“Because information is so easily found and transferred on the internet I do provide false info quite often to protect my identity.”

Even those who had never submitted incorrect information made statements such as:

“Have never made up info – just ignored requests :-)”
“i just don’t use that website”
“I have an email address that is purly (sic) for junk mail. I use this email address for websites that request my email address and then I go into that email and delete all email monthly.”
“I have never given incorrect information, but I have thought about it.”
“I don’t lie, but I omit as I feel appropriate.”

Going with the flow

Correcting already obscured or falsified information appears to be too much of a chore. Specifically,

Over 50% have rarely or never corrected data they submitted incorrectly
30% correct their data “sometimes.” Of that 30%,
- 55% said a purchase required correct information
- 56% had a growing feeling of comfort with the site or service
- 46% cited the ability to realize new benefits from the site with corrected information
- 30% said they noticed others’ incorrect data at Facebook or other social sites, or in phone applications, and —
  - 80% of this group assumed that the data was falsified as a way to protect privacy
  - 40% believed the incorrect data was there to mislead marketers
  - 12% believed secretive associates were trying to mislead them
- 13% believed services always needed correct personal information
- 75% believed the services needed it only sometimes
- 12% said it was never needed.

Respondents also believed that other users of these services always needed or expected correct personal data about each other 27% of the time, whereas 23% said it was sometimes needed, and 48% said it was never needed.

Privacy online

The results of this survey support the hypothesis that people limit, refuse to give or obfuscate personal information in an attempt to create a measure of privacy online.

On July 30, 2010, in the first article in its “What They Know” series, The Wall Street Journal reported, “One of the fastest-growing businesses on the Internet … is the business of spying on Internet users. The Journal conducted a comprehensive study that assesses and analyzes the broad array of cookies and other surveillance technology that companies are deploying on Internet users. It reveals that the tracking of consumers has grown both far more pervasive and far more intrusive than is realized by all but a handful of people in the vanguard of the industry.”[i]

Adds Doc Searls, in The Intention Economy, “Tracking and ‘personalizing’—the current frontier of online advertising—probe the limits of tolerance. While harvesting mountains of data about individuals and signaling nothing obvious about their methods, tracking and personalizing together ditch one of the few noble virtues to which advertising at its best aspires: respect for the prospect’s privacy and integrity, which has long included a default assumption of anonymity.”[ii]

This survey showed one result of this system. Respondents expressed a general lack of trust in their relationships with online businesses. Many feelings ran strong. Here are some of the comments:

“Scary world out there, and I am a bit angry about the fact that all these website ‘track me’ as if that is OK, and then they sell MY data, obviously making money in the process. How is that OK or even legal? Don’t I control MY information? Apparently not…”
“So if I think it might be ‘harmful’ to give out info, I don’t do it.”
“I want cookies outlawed 🙁
“My ex-husband was abusive and has stalked me. I don’t need to let the greedy sellers of my personal information draw him a map to my front door.”
“While I doubt I have any real protection of privacy, I have a desire to try to send a message that I want my right to protection of privacy. I regret how much we as a society have lost to the powers of marketing.”
“I don’t trust the security procedures of most companies. Security costs money, which cuts into profits, thus most companies have limited incentive to protect PII from cyber criminals.”
“The web is far less secure than commonly known.”
“Just as I have disconnected my land line because of a flood of unwanted calls, I refuse to give online/ access information for the same reason.”

These survey responses show people resort to withholding data or submitting false data to avoid feeling exposed online. When deciding whether to share personal information, the majority of respondents doubt that sites or services need to collect more than a minimum of obviously necessary personal data.

Conclusion

When people withhold personal data, it is to create a sense of privacy and control of their personal lives.

People are afraid or distrustful of sites, services and phone apps that request their personal data. They withhold or falsify information because they do not believe the sites need their data, and because they do not want to disclose information that might lead to spamming or other intrusions. Moreover, the techniques that people employ to preserve their sense of privacy online are largely improvised, informed by fear, and based on their subjective evaluation of entities that solicit personal information.

For the sake of privacy, people contribute to and tolerate the presence of incorrect personal data online, and attempt to correct it only when they see the clear upsides of accuracy. And, despite the failure of businesses and other organizations to convince users of the need to provide personal details beyond an email address, most users remain comfortable disclosing additional personal data only with those they know and trust.

Research Funding Grant

This research project was funded with a grant from CommerceNet, a not-for-profit research institute working to fulfill the potential of the Internet since 1993.

Customer Commons

Customer Commons is a not-for-profit working to restore the balance of power, respect and trust between individuals and the organizations that serve them, especially in the online world. We stand with the individual and therefore do not take contributions from commercial entities.

ADDENDUM: Questions and Answers

Click here to see the complete questions, answers and written answers offered by people to provide additional information.

[i] Julia Anguin, “The Web’s New Gold Mine: Your Secrets” The Wall Street Journal, July 30, 2010. http://online.wsj.com/article/SB10001424052748703940904575395073512989404.html

[ii] Doc Searls, The Intention Economy: When Customers Take Charge. (Cambridge, Massachusetts: Harvard Business Review Press, 2012). P. 28.

Meet Omie: a truly personal mobile device

April 25, 2013

Doc Searls

Developments, Featured Post, Intentcasting, Intention Economy, Omie, Privacy

This is Omie:

She is, literally, a clean slate. And she is your clean slate. Not Apple’s. Not Google’s. Not some phone company’s.

She can be what you want her to be, do what you want her to do, run whatever apps you want her to run, and use data you alone collect and control.

Being a clean slate makes Omie very different.

On your iPhone and iPad you can run only what Apple lets you run, and you can get only from Apple’s own store. On an Android phone you have to run Google’s pre-loaded apps, which means somebody is already not only telling you what you must do, but is following you as well.

Omie uses Android, but bows to Google only in respect of its intention to create an open Linux-based OS for mobile devices.

So Omie is yours, alone. Fully private, by design, from the start.

At Omie’s heart is your data, in your own personal cloud — not Google’s cloud or Apple’s cloud or Amazon’s cloud or the cloud of any other silo’d service.

Think of your personal cloud as a place for your stuff. Right now most of the data you use in the online marketplace — what should be your stuff — really isn’t. It’s out in clouds that aren’t yours: one for every Web site and service you deal with.

Consider your wallet — the one in your pocket or purse. That’s your wallet. Not Google’s or Paypal’s. Yet right now Google, Paypal and a dozen other companies think the wallet you carry online should be theirs. Wouldn’t it be better to carry all their wallets inside one that’s yours alone? Omie is desgned to make that possible, simply because she is yours alone.

Consider your shopping cart. Today that’s not even imaginable, because eevery shopping cart you’ve ever seen belongs to a company. Amazon, Ebay, Etsy, Walmart and the rest of them all have their own shopping carts for you. Why shouldn’t you have your own shopping cart, where you can see all the stuff you’ve almost-bought from all those online stores? With Omie you can at least imagine that, because Omie is yours. And imagining is the first step toward making.

So: what apps would you like Omie to run? Once we get the first few nailed down, we’ll crowdsource funding for developing both Omie and her first apps, or at least the specs for them.

To make that easy, here are just two requirements:

Each app must be a kind that can only run on a device that is the owner’s alone. It can’t be one that only a corporate platform-owner (such as Google or Apple) can provide.
Each app must rely first and foremost on data in the owner’s personal cloud.

The box we need to think outside of is the one that starts with a company. Here we’re starting with you.

Omie should be an instrument of control — by you. That’s why we’re stepping forward with it. Our job at Customer Commons is to stand on the side of the customer. That means we want apps that work for the customer first, and not just the seller. We need something solid to hold at our end of the demand chain — rather than, once again, to hold a device that serves as the far end of the supply chain’s whip.

We’ll bring up Omie at IIW. If you’re one of the 250 people here, come to the Omie session and let’s talk about where to go with the project. If you’re not here, put your thoughts and requests below.

Wallets are personal

February 12, 2013

Doc Searls

Developments, Featured Post, Intention Economy, Personal, Privacy, Tools, VRM

wallet-small A lot of big companies are eager to get their hands in your pockets — literally. They want your mobile phone to work as a digital wallet, and they want the digital wallet app you use to be theirs.

Naturally, this looks like it should be a big business — and to some degree it is already. But it also hasn’t met promotional expectations. This became clear a few days ago, when comScore released Digital Wallet Road Map 2013, a $4995 report on the digital wallet business. In a press release highlighting the report’s findings, Andrea Jacobs, comScore Payments Practice Leader, said “Digital wallets represent an innovative technology that has not yet reached critical mass among consumers due to a variety of factors, including low awareness and a muddied understanding of their benefits.” Here’s how the release unpacks that:

The current digital wallet landscape remains fragmented among providers because of low consumer adoption outside of PayPal, with only 12 percent of consumers claiming to have used a digital wallet other than PayPal. However, study results indicated that the digital wallet market opportunity could eventually reach 1 in 2 consumers as consumers become more aware of the offerings and educated on their benefits.

Consumer Awareness and Usage of Digital Wallet Offerings
November 2012
Source: comScore Digital Wallet Road Map 2013

Digital Wallet Percentage of Total Respondents Aware of Digital Wallet Percentage of Total Respondents Who Used the Digital Wallet

PayPal 72% 48%

Google Wallet 41% 8%

MasterCard PayPass Wallet 13% 3%

Square Wallet 8% 2%

V.me by Visa 8% 2%

ISIS 6% 1%

Lemon Wallet 5% 1%

LevelUp 5% 2%

One clear barrier to use of digital wallets is that the concept is often difficult to convey and prone to misinterpretation. Even after being asked to review the websites of particular digital wallets, respondents across all wallet brands still scored an average of just 45 percent in terms of demonstrated level of understanding.

Here’s the problem: wallets are personal. Even if you have a wallet with a brand name on it (say, Gucci or Fossil), it isn’t their wallet. It’s yours. What you keep in it, and how you use it, are none of their business. In fact, those companies would never think of making it their business, because all they’re providing you is a place to put your credit cards, your cash, or whatever other flat things you feel like carrying around in your pocket or purse.

So far, all the digital wallets out there are not yours. They belong to some company. You merely use the app. The wallet is their business, not yours. In this respect they aren’t much different than credit cards or various loyalty cards, which are things you put in your wallet; not the wallet itself. The wallet itself should be agnostic, if not oblivious, to what you put in there. It should be like a toolbox, where you can store lots of different tools, made by lots of different companies, made for serving different purposes.

All the digital wallet companies in comScore’s chart have isolated, proprietary and silo’d ways of providing payment benefits to users. Imagine buying a tool box from Sears that could only hold its own brand of tools, which would only work with devices from companies that were partners of Sears. That’s what we have with digital wallets so far. It’s the same problem we had with online systems (AOL, Compuserve, Prodigy, etc.) before the Internet came along. They were closed silos.

The Net works because it is a general purpose system. It isn’t run by any one company. Likewise, PCs are also general purpose systems. The company making them doesn’t insist that it only works with certain other partner companies. In that respect it’s open, just like the wallet in your pocket or purse. Smartphones, on the other hand, are general purpose to a more limited degree. Apple tells you what apps can and can’t run on your phone. Google makes sure some of its own apps (such as its wallet) run only on Android phones — or run better on Android than on Apple’s or other companies’ phones (as it did for years with Google maps for Apple).

I suggest that the digital wallet might be best thought of as something that’s part a general-purpose thing called the personal cloud.

Your personal cloud is your personal space, which you run for yourself in the networked world. In it you define the ways that your personal data interacts with the world of things, and of services from companies and other entities. That may sound complicated, but it’s actually no different than the personal space you call your house, your car, and your body. In fact, you can think of a personal cloud as something akin to all three, but in the networked world rather than in the physical one. For more on this read Phil Windley, starting here; and follow what Kuppinger-Cole says about Life Management Platforms (which I recently visited here).

So, to sum up, the main thing wrong with digital wallets today isn’t what they do. It’s that they are called “wallets.” Instead they should be called what they really are, which is payment services. (Yes, they do more, but the main thing they do is facilitate transactions.)

The notion that something so personal as a wallet should be provided for you, as a service, by a company, is typical of the calf-cow thinking that has dominated computing for the duration. There is nothing wrong with this, if it’s still 1995. But it’s now 2013, and it’s time we moved on. And, to do that, I’d like to see real digital wallets — personal ones — come up as a feature of personal clouds. So, let the conversation begin. Then the development.

Bonus link: Google’s Wallet and VRM.

The Personal Revolution

December 5, 2012

Doc Searls

Developments, Featured Post, Intention Economy, Organizations, Privacy, Tools, VRM

While the history of computing and communications often appears to be one led by big entities in business and government, the biggest revolution has actually been a personal one. Each of us, as individuals, have acquired abilities that were once those of organizations alone — and have done far more with those abilities than the big players ever could — for those big players as well as for ourselves.

It started in the early ’80s, when the IBM PC became host to thousands of new applications for individuals. Personal computers suddenly proved to be a far more fertile ground for application development and new ueses than were the old corporate mainframes and minicomputers. Computing was no longer only about calculating and data processing. It was about everything one could imagine. The result was a profusion of new capabilities for individuals that also brought great benefits to organizations of all kinds and sizes.

A little more than a decade later, in the mid-’90s, the Internet did for communications what the PC did for computing. It gave individuals abilities that went far beyond those enjoyed by big organizations anywhere. Thanks to the Net, anybody could connect with anybody (or anything), anywhere in the world, using protocols that nobody owned, everybody could use, and anybody could improve. Even though there were many owned networks within the Internet, none governed the whole, and the result was a system that put every connected thing at zero functional distance from every other thing, at costs that could often be treated as zero. The positive economic and social externalities of the Internet today are beyond calculation. Again, as with PCs, this owes to new power in the hands of individuals that proved good for organizations as well.

Then in the late ’00s, smartphones and tablets put personal computing and communications advances — won by the PC and the Internet — into devices that fit in pockets and purses, running on platforms that invited millions of new applications. Once again, the increase in personal power and freedom proved essential to organizations as well. Initial resistance to BYOD (bring your own device) has ended, and companies now develop their own apps for employees and customers to use on their smartphones and tablets.

The upward trend in personal empowerment will move next to the “Internet of things,” as more of those objects and devices become equipped with computing and communication abilities — and as individuals gain the power to combine and program interactions between those things and the many services available through APIs ( application programming interfaces) and apps. Each of us will be able, either by ourselves or with the help of “fourth parties” (ones that work for us, as do brokers and banks) to control our identities, secure our privacy, and manage our many interactions in the world, without having to rely on any one platform, vendor or other enabling party. Far better economic signaling will move in both directions between demand and supply. Genuine, trusting and productive relationships will develop, and earned loyalty will prove far more useful than the coerced kind. In sum, the market will discover that free customers and citizens will prove more capable and productive than captive ones, and that this will be good for both business and society.

Progress in this direction will not be easy or even. All through the history just outlined, there have also been constant efforts to contain and limit what individuals can do with their computing and communications abilities. Large incumbent players have worked to create dependencies from which we cannot escape, and to resist competition in open markets. In spite of the many advances they have brought to the market’s table, phone and cable companies today still operate actual or virtual monopolies, and have been working from the start — aided by captive legislators and regulators — to subordinate the Internet’s boundless positive economic externalities to their own legacy business interests. Copyright and patent absolutists have also pushed successfully for laws and regulations that thwart or stop innovation and growth outside their own virtual castles.

And now, in many countries that value neither free markets nor free citizens, efforts are afoot to move Internet “governance” (an oxymoron from the angle of the Internet’s founding protocols) from organizations such as ICANN to the ITU (International Telecommunications Union, now part of the U.N.), where they can partition the Net along national lines, censor it (as in China today), and impose tariffs on data traffic across borders — enriching governments at great expense to economic growth and prosperity, and the welfare of citizens.

Yet the computing, communications and programming genies continue to do their magic for individuals and the organizations they comprise and support. Those genies will not go back in their old bottles. Thus the way to bet in the long run is on personal and economic freedom, and the general prosperity that arises from both. The only way to make that bet pay off, however, is to work on the side of individuals and the developers that empower them. That’s our job here at Customer Commons, and we invite you to join us in that work.

Free vs. Followed

June 27, 2012

Doc Searls

Developments, Featured Post, Issues, Personal, Privacy, The Customer Journal, VRM

grasped hand The fight between the free market and the followed market is about to begin. And the way to bet is on the free market, because it’s what we know works best. Also because the followed market is nuts. It only persists because it’s normative at the moment, and an enormous sum of investment is going into improving what’s most nuts about it: following people around and constantly guessing at what they might want (or trying to make them want something some algorithm thinks it might be able to make them want).

Let’s look at those norms a bit more closely. In the followed market, we —

Maintain separate logins and passwords for every site and service with which we do business, which might number in the hundreds
“Agree” to terms of service and privacy policies that we don’t bother to read because we have no choice but to accept them if we want to use the offered services
Acquiesce to stalking by sites and their third parties, even as we travel out of those sites and around the Web

In the physical world where the free market remains defaulted, you are free to be who you say you are (or to remain anonymous — that is, nameless in the literal sense), and to arrive at whatever terms are agreeable to you and the sellers you engage, with minimal coercion. This is what we enjoy when we walk through a bazaar, down Main Steet, or through a shopping mall. We don’t have to become a member of Nordstrom, or Trader Joe’s, The Container Store, or the corner grocer, to shop there, or to buy anything from them. And, when we do, we usually assume that we are not being tracked by the store after we leave.

In the followed market, we are free to choose between captors who make all the rules. Our personal identity is the separate one we have with each of them, and which they administrate. Our relationship with each of them is fully contained within their separate silo’d systems. Worst of all, we are stalked after we leave, as a matter of course. “Social” sites such as Facebook aid in surveillance by making it easy for us to spill all kinds of personal data — about ourselves and our contacts — when we “login with Facebook” elsewhere.

And its getting worse.

On July 30, 2010, The Wall Street Jounal inaugurated its What They Know series (http://wsj.com/wtk) with The Web’s New Gold Mine: Your Secrets, by Julia Angwin. Here were the key findings she reported:

• The study found that the nation’s 50 top websites on average installed 64 pieces of tracking technology onto the computers of visitors, usually with no warning. A dozen sites each installed more than a hundred. The nonprofit Wikipedia installed none.

• Tracking technology is getting smarter and more intrusive. Monitoring used to be limited mainly to “cookie” files that record websites people visit. But the Journal found new tools that scan in real time what people are doing on a Web page, then instantly assess location, income, shopping interests and even medical conditions. Some tools surreptitiously re-spawn themselves even after users try to delete them.

• These profiles of individuals, constantly refreshed, are bought and sold on stock-market-like exchanges that have sprung up in the past 18 months.

The new technologies are transforming the Internet economy. Advertisers once primarily bought ads on specific Web pages—a car ad on a car site. Now, advertisers are paying a premium to follow people around the Internet, wherever they go, with highly specific marketing messages.

On the 17th of this month, in Online Tracking Ramps Up, Julia begins,

Online tracking on 50 of the most-visited websites has risen sharply since 2010, driven in part by the rise of online-advertising auctions, according to a new study by data-management company Krux Digital Inc.

The average visit to a Web page triggered 56 instances of data collection, up from just 10 instances when Krux conducted its initial study, in November 2010. The latest study was conducted last December.”The main reason for the difference is live online auctions of data about you:

Krux estimated that such auctions, known as real-time bidding exchanges, contribute to 40% of online data collection.In real-time bidding, as soon as a user visits a Web page, the visit is auctioned to the highest bidder, based on attributes such as the type of page visited or previous Web browsing by the user. The bidding is done automatically using computer algorithms.

On June 26, the Journal published On Orbitz, Mac Users Steered to Pricier Hotels, by Dana Mattioli, who writes,

The Orbitz effort, which is in its early stages, demonstrates how tracking people’s online activities can use even seemingly innocuous information—in this case, the fact that customers are visiting Orbitz.com from a Mac—to start predicting their tastes and spending habits.

Imagine walking with a friend down 5th Avenue in New York and attempting to have a conversation about the totally different scenes both of you see when you look into the stores you pass or enter together. One of you sees hats in a store window while the other sees shoes. One sees a door where the other sees a wall. One sees a counter of candies while the other sees an aisle of garden tools. When one of you pauses to look at the cosmetics counter, the colors of lipstick suddenly change, because the store — or its third parties — know it’s you and start making guesses about what you might want, or that the companies paying for shelf space in the store hope to make you want. When the other looks at the store directory, she finds that the departments have been re-arranged. Now the shoe department is to her right when it used to be to the left. The dress shoes are now in the back, and all of them are red and black. Athletic shoes are now in front, because she paused to look in the window of a sporting goods store back up the street.

Whether or not this kind of personalization works is beside a more essential point: that in today’s online marketplace we are being followed constantly, with at most only our tacit approval. Without the conscious involvement of fully human customers, operating as free and independent actors possessing full agency, the online environment has gone insane. That is, without coherence, or grounding in reality. It makes sense only to the vendor’s side of the marketplace, and even there it’s not fully together. Writes Julia Angwin in her most recent story,

More than half the time, Krux found that data collectors were piggybacking on each other. For example, when a user visited a website that had code for one tracking technology, the data collection would call out to and trigger other tracking technologies that weren’t embedded on the site. As a result of such piggybacking, websites often don’t know how much data are being collected about their users.

‘It may be the first medium where the buyers have more information about the price, the value and the amount of inventory than the seller,’ said Krux President Gordon McLeod.

In the free market, as it has been understood since our ancestors first traded shells for seeds, certain things are stable and well understood. These include not only the physical nature of locations, but social norms and protocols for interacting with each other, which begin with the assumption that the other party is a free, independent and sovereign being who controls what is public and what is private about themselves. (Which is why, for example, we tend to wear clothes in public and live in enclosed spaces.)

In the free market it would be absurd for a guy from a store to put a hand in your pocket and hold onto your leg while you walked around, saying “Don’t mind me. I’m just here to see what you’re up to. Actually I don’t want to know your name, but just to track what your body is doing so you can get the best advertising and product offerings, based on what some machines think at the moment would be best for you and for us. It’s for your own good.” Or, more literally, to do the same with an invisible robot tick that attaches to your body and sucks out your data. But in the followed market, that stuff is normative in the extreme. And it works well enough, so far, at least for the advertisers and their intermediaries, that it persists in spite of its absurdities.

The followed market will fail not only because it is absurd and offensive to human sensibilities, but because it is not as effective as the kind of simple human interactions we were all built for in the first place. We don’t have those online yet — not in the commercial space comprised of billions of competing silos. But we will. Count on it. The Web we know is just seventeen years old (dating back to the first graphical browsers in 1995).

In a general way, what the free market still lacks online is a build-out of capabilities on the customers’ side to match the build-out of capabilities on the vendors’ side. That’s what ProjectVRM has been working toward for the past six years. The result so far is a growing list of developers, projects and prospects for major breakthroughs in customer capacity to assert independence, establish privacy boundaries, and deal with vendors as self-empowered equals and not as vendor-defined and -controlled dependents.

Customer Commons’ mission is to preserve and improve the free market, both online and off, by helping customers become free and independent participants in that market. So, while ProjectVRM remains focused on development and developers, Customer Commons is focused on putting those developments to work for customers — and for giving customers a way to participate in that development, and to lead it forward.

And we welcome your help with that.